Developing Security Providers for Oracle WebLogic Server
Table of Contents
Show All | Collapse- Title and Copyright Information
- Preface
- 1 Introduction and Roadmap
- 2 Introduction to Developing Security Providers for WebLogic Server
- Prerequisites for This Guide
- Overview of the Development Process
- Designing the Custom Security Provider
- Creating Runtime Classes for the Custom Security Provider by Implementing SSPIs
- Generating an MBean Type to Configure and Manage the Custom Security Provider
- Writing Console Extensions
- Configuring the Custom Security Provider
- Providing Management Mechanisms for Security Policies, Security Roles, and Credential Maps
- 3 Design Considerations
- General Architecture of a Security Provider
- Security Services Provider Interfaces (SSPIs)
- Understand Two Important Restrictions
- Understand the Purpose of the "Provider" SSPIs
- Understand the Purpose of the Bulk Access Providers
- Determine Which "Provider" Interface You Will Implement
- Understand the SSPI Hierarchy and Determine Whether You Will Create One or Two Runtime Classes
- SSPI Quick Reference
- Security Service Provider Interface (SSPI) MBeans
- Understand Why You Need an MBean Type
- Determine Which SSPI MBeans to Extend and Implement
- Understand the Basic Elements of an MBean Definition File (MDF)
- Understand the SSPI MBean Hierarchy and How It Affects the Administration Console
- Understand What the WebLogic MBeanMaker Provides
- SSPI MBean Quick Reference
- Security Data Migration
- Management Utilities Available to Developers of Security Providers
- Security Providers and WebLogic Resources
- The Architecture of WebLogic Resources
- Types of WebLogic Resources
- WebLogic Resource Identifiers
- Creating Default Groups for WebLogic Resources
- Creating Default Security Roles for WebLogic Resources
- Creating Default Security Policies for WebLogic Resources
- Looking Up WebLogic Resources in a Security Provider's Runtime Class
- Single-Parent Resource Hierarchies
- ContextHandlers and WebLogic Resources
- Initialization of the Security Provider Database
- Differences In Attribute Validators
- 4 Authentication Providers
- 5 Identity Assertion Providers
- 6 Principal Validation Providers
- 7 Authorization Providers
- 8 Adjudication Providers
- 9 Role Mapping Providers
- 10 Auditing Providers
- 11 Credential Mapping Providers
- 12 Auditing Events From Custom Security Providers
- 13 Servlet Authentication Filters
- Authentication Filter Concepts
- How Filters Are Invoked
- Example of a Provider that Implements a Filter
- How to Develop a Custom Servlet Authentication Filter
- Create Runtime Classes Using the Appropriate SSPIs
- Implement the Servlet Authentication Filter SSPI
- Implement the Filter Interface Methods
- Implementing Challenge Identity Assertion from a Filter
- Generate an MBean Type Using the WebLogic MBeanMaker
- Configure the Authentication Provider Using Administration Console
- 14 Versionable Application Providers
- 15 CertPath Providers
- A MBean Definition File (MDF) Element Syntax